Re: [PATCH] powerpc/mm: add devmem_is_allowed() for STRICT_DEVMEM checking
From: Josh Boyer <hidden>
Date: 2011-01-31 19:25:11
On Mon, Jan 31, 2011 at 2:16 PM, Steve Best [off-list ref] wrote:
quoted hunk ↗ jump to hunk
=A0 =A0Provide devmem_is_allowed() routine to restrict access to kernel =A0 =A0memory from userspace. =A0 =A0Set CONFIG_STRICT_DEVMEM config option to switch on checking. Signed-off-by: Steve Best <redacted>diff --git a/arch/powerpc/Kconfig.debug b/arch/powerpc/Kconfig.debug index 2d38a50..6805d5d 100644 --- a/arch/powerpc/Kconfig.debug +++ b/arch/powerpc/Kconfig.debug@@ -299,4 +299,16 @@ config PPC_EARLY_DEBUG_CPM_ADDR=A0 =A0 =A0 =A0 =A0platform probing is done, all platforms selected must =A0 =A0 =A0 =A0 =A0share the same address. +config STRICT_DEVMEM + =A0 =A0 =A0 =A0def_bool y + =A0 =A0 =A0 =A0prompt "Filter access to /dev/mem" + =A0 =A0 =A0 =A0---help--- + =A0 =A0 =A0 =A0 =A0This option restricts access to /dev/mem. =A0If this=
option is
+ =A0 =A0 =A0 =A0 =A0disabled, you allow userspace access to all memory, =
including
+ =A0 =A0 =A0 =A0 =A0kernel and userspace memory. Accidental memory acces=
s is likely
+ =A0 =A0 =A0 =A0 =A0to be disastrous. + =A0 =A0 =A0 =A0 =A0Memory access is required for experts who want to de=
bug the kernel.
quoted hunk ↗ jump to hunk
+ + =A0 =A0 =A0 =A0 =A0If you are unsure, say Y. + =A0endmenudiff --git a/arch/powerpc/include/asm/page.h b/arch/powerpc/include/asm/p=
age.h
quoted hunk ↗ jump to hunk
index 53b64be..f225032 100644--- a/arch/powerpc/include/asm/page.h +++ b/arch/powerpc/include/asm/page.h@@ -262,6 +262,11 @@ extern void copy_user_page(void *to, void *from, uns=
igned long vaddr,
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0struct page *p);
=A0extern int page_is_ram(unsigned long pfn);
+static inline int devmem_is_allowed(unsigned long pfn)
+{
+ =A0 =A0 =A0 =A0return 0;
+}
+Er, should this be toggled via CONFIG_STRICT_DEVMEM somehow? Or I guess I'm missing why the config option had to be added if not. josh